From: Carlo Zancanaro <carlo@zancanaro.id.au>
To: Roel Janssen <roel@gnu.org>
Cc: guix-devel@gnu.org
Subject: Re: [PATCH] gnu: icedtea-8: Build keystore without id-ecPublicKey certificates.
Date: Thu, 02 Mar 2017 08:23:19 +1100 [thread overview]
Message-ID: <87o9xkbsjc.fsf@zancanaro.id.au> (raw)
In-Reply-To: <rbuzih7zq7r.fsf@gnu.org>
[-- Attachment #1.1: Type: text/plain, Size: 473 bytes --]
On Mon, Feb 27 2017, Roel Janssen wrote
> Unfortunately, I don't seem to be able to apply your patch. [ ... ]
Hmm. That's strange. I generated a new patch which hopefully will work.
I tried applying it to master on my machine and it seemed to work fine.
I'm not sure what to do with this in light of Ricardo's comments, but
I'm hopeful that it can be pushed. (The advantage not having the ability
to push is that I don't have to make any real decisions. Hooray!)
Carlo
[-- Attachment #1.2: 0001-gnu-icedtea-6-Modify-certificate-import-to-not-fail-.patch --]
[-- Type: text/x-patch, Size: 3306 bytes --]
From 8d499d361cb89c29902ef21c46b3899c2f6799f7 Mon Sep 17 00:00:00 2001
From: Carlo Zancanaro <carlo@zancanaro.id.au>
Date: Sun, 26 Feb 2017 11:34:44 +1100
Subject: [PATCH] gnu: icedtea-6: Modify certificate import to not fail for
icedtea-8.
* gnu/packages/java.scm (icedtea-6)[arguments]: Fix install-keystore phase to
not fail the build when attempting to import unsupported certificate
types (which occur with icedtea-8, which inherits from icedtea-6). Also
ensure that the keystore is able to be written to before copying it.
---
gnu/packages/java.scm | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index e7479e1b0..1abdf607f 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -1,7 +1,8 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
-;;; Copyright © 2016 Roel Janssen <roel@gnu.org>
+;;; Copyright © 2016, 2017 Roel Janssen <roel@gnu.org>
+;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -706,7 +707,7 @@ build process and its dependencies, whereas Make uses Makefile format.")
"-file" temp)))
(display "yes\n" port)
(when (not (zero? (status:exit-val (close-pipe port))))
- (error "failed to import" cert)))
+ (format #t "failed to import ~a\n" cert)))
(delete-file temp)))
;; This is necessary because the certificate directory contains
@@ -719,6 +720,15 @@ build process and its dependencies, whereas Make uses Makefile format.")
"/lib/security"))
(mkdir-p (string-append (assoc-ref outputs "jdk")
"/jre/lib/security"))
+
+ ;; The cacerts files we are going to overwrite are chmod'ed as
+ ;; read-only (444) in icedtea-8 (which derives from this
+ ;; package). We have to change this so we can overwrite them.
+ (chmod (string-append (assoc-ref outputs "out")
+ "/lib/security/" keystore) #o644)
+ (chmod (string-append (assoc-ref outputs "jdk")
+ "/jre/lib/security/" keystore) #o644)
+
(install-file keystore
(string-append (assoc-ref outputs "out")
"/lib/security"))
@@ -1023,9 +1033,6 @@ build process and its dependencies, whereas Make uses Makefile format.")
(find-files "openjdk.src/jdk/src/solaris/native"
"\\.c|\\.h"))
#t)))
- ;; FIXME: This phase is needed but fails with this version of
- ;; IcedTea.
- (delete 'install-keystore)
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let ((doc (string-append (assoc-ref outputs "doc")
--
2.11.1
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
next prev parent reply other threads:[~2017-03-01 21:23 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-10 11:32 [PATCH] gnu: icedtea-8: Build keystore without id-ecPublicKey certificates Roel Janssen
2017-02-26 0:44 ` Carlo Zancanaro
2017-02-26 17:02 ` Roel Janssen
2017-02-27 12:45 ` Carlo Zancanaro
2017-02-27 14:02 ` Roel Janssen
2017-03-01 21:23 ` Carlo Zancanaro [this message]
2017-03-01 22:31 ` Ricardo Wurmus
2017-03-01 22:52 ` Roel Janssen
2017-03-02 7:07 ` Ricardo Wurmus
2017-02-27 15:01 ` Ricardo Wurmus
2017-02-27 21:16 ` Carlo Zancanaro
2017-02-27 22:07 ` Leo Famulari
2017-03-01 22:34 ` Ricardo Wurmus
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87o9xkbsjc.fsf@zancanaro.id.au \
--to=carlo@zancanaro.id.au \
--cc=guix-devel@gnu.org \
--cc=roel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.